This invention relates to online commerce systems. More particularly, the invention relates to online stores that are owned by merchants, but hosted by remote independent service providers (ISPs), and to secure protection of merchant owned data resident on servers located at the ISP's site.
Online commerce has experienced dramatic growth in recent years. Merchants are developing sites on the World Wide Web (or simply "WWW" or "Web") at a rapid pace. With Web sites, consumers can access and order goods and/or services electronically over the Internet from the comfort of their own homes or offices. It is becoming fairly common for a consumer to browse a merchant's catalog online, select a product, place an order for the product, and pay for the product all electronically over the Internet.
In this new commerce setting, merchants would ideally like to design and host their own Web sites to create a desired shopping atmosphere suitable for their products and services. Merchants would also like to manage their proprietary sites within the confines of their own companies. Unfortunately, many merchants do not have the technical expertise to create and maintain a Web site on the Internet. Other merchants may not have the financial wherewithal to install and manage the computer system needed to support a Web site (especially at their own location). As a result, many merchants turn to independent firms to create and/or manage Web sites on the merchants' behalf.
This is particularly true for small merchants, who typically gain access to the Internet via Internet service providers (ISPs). When a small merchant decides to open an online store, it commonly asks an ISP to provide the Internet connection and host the online store on its behalf. Online shoppers can browse the merchant's store and submit purchase requests for items that they would like to purchase. The purchase order identifies the item, cost, quantity, price, and so forth. Electronic purchase orders also typically include sensitive financial information, such as credit card numbers. The hosting ISP stores the purchase orders, including the credit card information, for subsequent access and retrieval by the merchant.
The merchant-owned, ISP-hosted architecture raises significant legal/liability concerns for the ISP and the merchant. Most security mishaps occur by having data stolen from a storage location, rather than having the data stolen "off of the wire" as it is being transmitted to a party, such as the ISP. If the ISP fails to set up the server correctly and someone steals a file containing unencrypted credit card numbers or other sensitive information, both the merchant and the ISP may become exposed to liability.
If online commerce is to move forward and be widely endorsed by ISPs, there is a need for an architecture that provides security at the ISP level to thereby reduce the exposure of ISPs to liability.
This invention concerns an online commerce architecture that enables merchants to set up online stores that are hosted by third party Internet service providers (ISPs). The architecture provides secure storage of the merchant's commerce information at the ISP-hosted database, thereby diminishing the threat of theft or misuse of this information by parties other than the merchant. This storage security reduces liability for the ISPs and merchants.
The online commerce system includes a merchant computer resident at a merchant and a server computer resident at the ISP. The merchant registers with the ISP to have the ISP host the merchant's online storefront. During an installation process, Web pages forming the online store are created and stored at the ISP computer. A commerce Web server is run on the ISP-hosted computer. The ISP computer also hosts or runs a session key generator and an order encryption unit.
The merchant computer has a key generator and an order decryption unit. As part of the installation process, the merchant's key generator creates a pair of private and public keys associated with the merchant. The merchant's private key is retained at the merchant computer, while the merchant's public key is passed to the service provider computer and stored in a directory associated with the merchant's online store.
When a customer orders a product from the online store, the customer submits a purchase request containing product information and sensitive commerce data (e.g., credit card information). The commerce server hosted at the ISP receives the purchase request and generates a session key via the session key generator. The ISP order encryption unit encrypts part or all of the purchase request using the session key, and then encrypts the session key using the merchant's public key. The ISP stores the purchase request and session key in their encrypted form. In this manner, if illegal access to the ISP's machine is obtained, the stored sensitive data is protected because it is stored in an encrypted format and the private key needed to access the data is on the merchant's machine.
The merchant computer routinely accesses the ISP and downloads any purchase requests in their encrypted form. At the merchant, the merchant's order decryption unit decrypts the session key using the merchant's private key and subsequently decrypts the purchase request using the decrypted session key.
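The storage and retrieval procedure described above, as an added example in Go that is not the patent's own code: one function plays the merchant's key generator, one plays the ISP's session key generator and order encryption unit, and one plays the merchant's order decryption unit. The concrete algorithms (AES-256-GCM for the purchase request, RSA-OAEP with SHA-256 for wrapping the session key) and all type and function names are this example's choices, since the text names none.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

type StoredOrder struct{ Nonce, Ciphertext, WrappedSessionKey []byte } // the record the ISP keeps on disk
// MerchantKeyGen plays the merchant's key generator; the private key it returns stays at the merchant.
func MerchantKeyGen() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }
// gcmFor builds an AES-GCM AEAD for a session key; shared by the ISP and merchant units.
func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// ISPEncryptOrder plays the ISP's session key generator and order encryption unit.
func ISPEncryptOrder(merchantPub *rsa.PublicKey, request []byte) (*StoredOrder, error) {
	buf := make([]byte, 32+12) // fresh 256-bit session key followed by a 96-bit GCM nonce
	rand.Read(buf)             // never returns an error and always fills buf (Go 1.24+ contract)
	sessionKey, nonce := buf[:32], buf[32:]
	aead, err := gcmFor(sessionKey)
	if err != nil {
		return nil, err
	}
	// Wrap the session key under the merchant's public key; only the wrapped form is stored.
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, merchantPub, sessionKey, nil)
	if err != nil {
		return nil, err
	}
	return &StoredOrder{nonce, aead.Seal(nil, nonce, request, nil), wrapped}, nil
}

// MerchantDecryptOrder plays the merchant's order decryption unit: unwrap the key, then open the order.
func MerchantDecryptOrder(merchantPriv *rsa.PrivateKey, o *StoredOrder) ([]byte, error) {
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), nil, merchantPriv, o.WrappedSessionKey, nil)
	if err != nil {
		return nil, err
	}
	aead, err := gcmFor(sessionKey)
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, o.Nonce, o.Ciphertext, nil)
}
```

Because GCM authenticates the ciphertext, a stored record that has been altered at the ISP fails to open at the merchant instead of yielding corrupted order data.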